A Reliable Data Provenance and Privacy Preservation Architecture for Business-Driven Cyber-Physical Systems Using Blockchain

2018 ◽  
Vol 12 (4) ◽  
pp. 68-81
Author(s):  
Xueping Liang ◽  
Sachin Shetty ◽  
Deepak K. Tosh ◽  
Juan Zhao ◽  
Danyi Li ◽  
...  

Cyber-physical systems (CPS) including power systems, transportation, industrial control systems, etc. support both advanced control and communications among system components. Frequent data operations could introduce random failures and malicious attacks or even bring down the whole system. The dependency on a central authority increases the risk of single point of failure. To establish an immutable data provenance scheme for CPS, the authors adopt blockchain and propose a decentralized architecture to assure data integrity. In business-driven CPS, end users are required to share their personal information with multiple third parties. To prevent data leakage and preserve user privacy, the authors isolate and feed different information retrieval requests using tokens specifically generated for each type of request. Providing both traceability of data operations, and unlinkability of end user activities, a robust blockchain-based CPS is prototyped. Evaluation indicates the architecture is capable of assured data provenance validation and user privacy preservation at a low overhead.

2020 ◽  
pp. 597-612
Author(s):  
Xueping Liang ◽  
Sachin Shetty ◽  
Deepak K. Tosh ◽  
Juan Zhao ◽  
Danyi Li ◽  
...  

Cyber-physical systems (CPS) including power systems, transportation, industrial control systems, etc. support both advanced control and communications among system components. Frequent data operations could introduce random failures and malicious attacks or even bring down the whole system. The dependency on a central authority increases the risk of single point of failure. To establish an immutable data provenance scheme for CPS, the authors adopt blockchain and propose a decentralized architecture to assure data integrity. In business-driven CPS, end users are required to share their personal information with multiple third parties. To prevent data leakage and preserve user privacy, the authors isolate and feed different information retrieval requests using tokens specifically generated for each type of request. Providing both traceability of data operations, and unlinkability of end user activities, a robust blockchain-based CPS is prototyped. Evaluation indicates the architecture is capable of assured data provenance validation and user privacy preservation at a low overhead.


Author(s):  
Johannes Iber ◽  
Tobias Rauter ◽  
Christian Kreiner

The advancement and interlinking of cyber-physical systems offer vast new opportunities for industry. The fundamental threat to this progress is the inherent increase of complexity through heterogeneous systems, software, and hardware that leads to fragility and unreliability. Not only can systems become more unreliable; modern industrial control systems also have to face hostile security attacks that take advantage of unintended vulnerabilities overlooked during development and deployment. Self-adaptive software systems offer means of dealing with complexity by observing systems externally. In this chapter the authors present their ongoing research on an approach that applies a self-adaptive software system in order to increase the reliability and security of control devices for hydro-power plant units. The applicability of the approach is demonstrated by two use cases. Further, the chapter gives an introduction to the field of self-adaptive software systems and raises research challenges in the context of cyber-physical systems.


Author(s):  
Sajid Nazir ◽  
Shushma Patel ◽  
Dilip Patel

Supervisory control and data acquisition (SCADA) systems are industrial control systems that are used to monitor critical infrastructures such as airports, transport, health, and public services of national importance. These are cyber-physical systems, which are increasingly integrated with networks and internet of things devices. However, this results in a larger attack surface for cyber threats, making it important to identify and thwart cyber-attacks by detecting anomalous network traffic patterns. Compared to other techniques, as well as detecting known attack patterns, machine learning can also detect new and evolving threats. Autoencoders are a type of neural network that generates a compressed representation of its input data and, through the reconstruction loss of inputs, can help identify anomalous data. This paper proposes the use of autoencoders for unsupervised anomaly-based intrusion detection using an appropriate differentiating threshold from the loss distribution and demonstrates improvements in results compared to other techniques for a SCADA gas pipeline dataset.


Energies ◽  
2020 ◽  
Vol 13 (18) ◽  
pp. 4762 ◽  
Author(s):  
Ahmed Saad ◽  
Samy Faddel ◽  
Osama Mohammed

With the emergence of distributed energy resources (DERs), with their associated communication and control complexities, there is a need for an efficient platform that can digest all the incoming data and ensure the reliable operation of the power system. The digital twin (DT) is a new concept that can unleash tremendous opportunities and can be used at the different control and security levels of power systems. This paper provides a methodology for the modelling of the implementation of energy cyber-physical systems (ECPSs) that can be used for multiple applications. Two DT types are introduced to cover the high-bandwidth and the low-bandwidth applications that need centric oversight decision making. The concept of the digital twin is validated and tested using Amazon Web Services (AWS) as a cloud host that can incorporate physical and data models as well as being able to receive live measurements from the different actual power and control entities. The experimental results demonstrate the feasibility of the real-time implementation of the DT for the ECPS based on internet of things (IoT) and cloud computing technologies. The normalized mean-square error for the low-bandwidth DT case was 3.7%. In the case of a high-bandwidth DT, the proposed method showed superior performance in reconstructing the voltage estimates, with 98.2% accuracy from only the controllers’ states.


Electronics ◽  
2019 ◽  
Vol 8 (11) ◽  
pp. 1220 ◽  
Author(s):  
Xiaogang Zhu ◽  
Gautam Srivastava ◽  
Reza M. Parizi

The new developments in smart cyber-physical systems can be shown to include smart cities, Internet of things (IoT), and for the most part smart anything. To improve the security of sensitive personal information (SPI) in cyber-physical systems, we present some novel ideas related to the encryption of SPI. Currently, there are issues in traditional encryption methods, such as low speed of information acquisition, low recognition rate, low utilization rate of effective information resources, and high delay of information query. To address these issues, we propose a novel efficient encryption algorithm for the security of incremental SPI. First, our proposed method analyzes user information resources and determines valid data to be encrypted. Next, it uses adaptive acquisition methods to collect information, and uses our encryption method to complete secure encryption of SPI according to the acquisition results. Our experimental analysis clearly shows that the algorithm effectively improves the speed of information acquisition as well as effective information recognition rate, thus enhancing the security of SPI. The encryption model in turn can provide a strong guarantee for user information security.


Energies ◽  
2019 ◽  
Vol 12 (13) ◽  
pp. 2598
Author(s):  
Asif Iqbal ◽  
Farhan Mahmood ◽  
Mathias Ekstedt

In today’s connected world, there is a tendency toward connectivity even in sectors that conventionally have not been so connected in the past, such as power system substations. Substations have seen considerable digitalization of the grid, hence providing much more available insight than before. This has all been possible due to connectivity, digitalization and automation of the power grids. Interestingly, this also means that anybody can access such critical infrastructures from a remote location, and gone are the days of physical barriers. The power of connectivity and control makes it a much more challenging task to protect critical industrial control systems. This capability comes at a price, in this case, increasing the risk of potential cyber threats to substations. With all such potential risks, it is important that they can be traced back and attributed to any potential threats to their roots. It is extremely important for a forensic investigation to get credible evidence of any cyber-attack as required by the Daubert standard. Hence, to be able to identify and capture digital artifacts as a result of different attacks, in this paper, the authors have implemented and improvised a forensic testbed by implementing a sandboxing technique in the context of a real-time hardware-in-the-loop setup. Newer experiments have been added by emulating the cyber-attacks on WAMPAC applications, and collecting and analyzing captured artifacts. Further, using sandboxing for the first time in such a setup has proven helpful.


Author(s):  
Miao Pan ◽  
Jingyi Wang ◽  
Sai Mounika Errapotu ◽  
Xinyue Zhang ◽  
Jiahao Ding ◽  
...  
